
Auth Shield - How to Implement Two Factor Authentication with Windows Server 2008 NPS

Author: Sachin Malhotra
Posted: Feb 19, 2015

Two factor authentication is the latest information security solution that has been making the right noises in the industry. It is one of the most useful and impregnable security solutions and has established its utility and significance in recent times. Whether it is securing the data and information on one's smartphone, computer or laptop, or maintaining the fool-proof security of one's business enterprise, two factor authentication has really made a mark and can be used in an assured way. A two factor authentication solution allows seamless access to secured data and information on the basis of two factors that require the user's name and password.

It is very important to add two-factor authentication to the various Microsoft remote access solutions through the Windows Server 2008 Network Policy Server (NPS). For this, one must use a feature-rich two factor authentication system procured from a leading information security solution provider. Whether you need two factor authentication to meet payment card industry security needs or you want to lock down your remote desktop with it, you must avail the services of the IT experts of a leading service provider, who will create an SSH gateway server that is locked down with two-factor authentication.

The admin can remotely access the server through a proper SSH gateway using public key authentication. Besides this, one may add two-factor authentication to other services, such as Remote Desktop Protocol or virtual private network administration, for which SSH keys will suitably work and offer fool-proof security.

Once you have the two factor authentication product key installed and all configurations set, your system will work like this: You generate a one-time passcode (OTP) from your Authshield Two Factor Authentication software token and enter it into the SSH password field. Your credentials are transferred from the SSH gateway to NPS via RADIUS. NPS validates that the user is active in AD and in the proper group. If so, it sends the username and one-time password to the Authshield strong Authentication Server, still using RADIUS. If the OTP is valid, the Authshield server responds to NPS, which in turn responds to the SSH gateway server, and the user is granted access.

This process is required only for authentication, while the management of the login session is still handled by the SSH gateway or any other remote access service you are using. You will have to enable Network Policy Server and Routing & Remote Access Services during installation. Afterwards you will have to add a new RADIUS Client - the SSH gateway in this case. Select Network Policy Server from Administrative Tools, then right-click on RADIUS Clients and select New. Add a name and the IP address of your remote access server (RAS, VPN), and create a shared secret. You will enter the same shared secret on the Authshield strong Authentication Server. You just click OK and continue enjoying your website operations with complete assurance.
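The RADIUS hop described above depends on both ends holding the same shared secret. The following is an added example, not code from the article or from Authshield: it applies the RFC 2865 rules for hiding the User-Password attribute and for the Response Authenticator, assuming the gateway sends the OTP with PAP. All function names and sample values are constructed for illustration.

```python
import hashlib, hmac, os, struct

def _xor_blocks(data, secret, authenticator, decrypt):
    # RFC 2865 section 5.2: XOR each 16-byte block with MD5(secret + previous ciphertext block)
    out, prev = b"", authenticator
    for i in range(0, len(data), 16):
        mask = hashlib.md5(secret + prev).digest()
        block = bytes(a ^ b for a, b in zip(data[i:i + 16], mask))
        out += block
        prev = data[i:i + 16] if decrypt else block
    return out

def hide_otp(otp, secret, authenticator):
    padded = otp.ljust(max(16, -(-len(otp) // 16) * 16), b"\x00")  # pad to a multiple of 16
    return _xor_blocks(padded, secret, authenticator, decrypt=False)

def reveal_otp(hidden, secret, authenticator):
    return _xor_blocks(hidden, secret, authenticator, decrypt=True).rstrip(b"\x00")

def _attr(attr_type, value):
    return bytes([attr_type, len(value) + 2]) + value

def build_access_request(ident, user, otp, secret, authenticator=None):
    """Gateway side: Access-Request (code 1) with User-Name (1) and User-Password (2)."""
    authenticator = authenticator or os.urandom(16)
    attrs = _attr(1, user.encode()) + _attr(2, hide_otp(otp.encode(), secret, authenticator))
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator + attrs

def parse_access_request(packet, secret):
    """Server side: return (user, otp_bytes); a wrong secret yields garbage, not the OTP."""
    code, _ident, length = struct.unpack("!BBH", packet[:4])
    if code != 1 or length != len(packet) or length < 20:
        raise ValueError("not a well-formed Access-Request")
    authenticator, pos, fields = packet[4:20], 20, {}
    while pos < length:
        attr_len = packet[pos + 1] if pos + 2 <= length else 0
        if attr_len < 2 or pos + attr_len > length:
            raise ValueError("bad attribute length")
        fields[packet[pos]] = packet[pos + 2:pos + attr_len]
        pos += attr_len
    return fields[1].decode(), reveal_otp(fields[2], secret, authenticator)

def build_reply(code, ident, request_authenticator, secret):  # server: Accept (2) / Reject (3)
    header = struct.pack("!BBH", code, ident, 20)
    return header + hashlib.md5(header + request_authenticator + secret).digest()

def reply_is_authentic(reply, request_authenticator, secret):  # gateway: check before trusting
    expected = hashlib.md5(reply[:4] + request_authenticator + reply[20:] + secret).digest()
    return len(reply) >= 20 and hmac.compare_digest(reply[4:20], expected)
```

Because the secret is the only keying material for both the OTP hiding and the reply check, a mismatched value on either server makes every authentication fail, and a weak or reused value undermines the whole chain.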

About the Author

I am a Technology Evangelist. I am part of the core team of Authshield Labs and have been actively involved in research on information security vulnerabilities.
